Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8078534

DRS 1.2: checksum algorithm needs to be restricted to SHA-256

    XMLWordPrintable

Details

    • b15
    • Verified

    Backports

      Description

        DRS 1.2 implements checksum type rule for unsigned jars.
        The AMC interface passes checksum and checksum algorythm to deploy in CodeRef constructor in order to prevent deploy code from trying to download the jar and calculate the checksum itself. If a DRS ruleset could contain different checksum rules with different algorithms, then this would be thwarted, and deploy would try to download the jar to calculate the checksum in the other algorithm.

        We could solve this by changing the interface to pass in array of checksums and algorithms, and AMC would have to compute the checksums in all possible algorithms.

        It would be easier at this time to just restrict the possible algorithms to just SHA-256, and at this time we see no pressing need to support any other algorithm.

        DRS 1.2 will be modified to allow only SHA-256 as the algorithm used for checksum element.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8079206 DRS 1.2: checksum algorithm needs to be restricted to SHA-256

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8079928 DRS 1.2: checksum algorithm needs to be restricted to SHA-256

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8082208 DRS 1.2: checksum algorithm needs to be restricted to SHA-256

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8086378 DRS 1.2: checksum algorithm needs to be restricted to SHA-256

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8137462 DRS 1.2: checksum algorithm needs to be restricted to SHA-256

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8079677 fix to JDK-8078534 removed part of fix to JDK-8076220

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Activity

              People

                herrick Andy Herrick (Inactive)
                herrick Andy Herrick (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: